Unrated severityNVD Advisory· Published Jan 17, 2003· Updated Jun 16, 2026
CVE-2002-1397
CVE-2002-1397
Description
Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer overflow.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9cpe:2.3:a:postgresql:postgresql:6.3.2:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:postgresql:postgresql:6.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:6.5.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:postgresql:postgresql:7.2:*:*:*:*:*:*:*
- (no CPE)range: <=7.2
Patches
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
7- developer.postgresql.org/cvsweb.cgi/pgsql-server/src/backend/utils/adt/cash.c.diffnvd
- distro.conectiva.com.br/atualizacoes/nvd
- marc.infonvd
- secunia.com/advisories/8034nvd
- www.redhat.com/support/errata/RHSA-2003-001.htmlnvd
- www.securityfocus.com/bid/5497nvd
- exchange.xforce.ibmcloud.com/vulnerabilities/9891nvd
News mentions
0No linked articles in our index yet.